Apple Urges iPhone, Mac Users to Update Immediately for Zero-Day Fix

Apple has released urgent security updates across its entire product line to address a critical zero-day vulnerability that has been actively exploited in the wild. The vulnerability, tracked as CVE-2024–23222, is a type confusion bug in the WebKit browser engine, which could allow threat actors to execute malicious code on affected devices simply by opening a specially crafted web page.

Type confusion vulnerabilities are particularly dangerous as they can be exploited to gain arbitrary code execution, potentially leading to complete control over an infected device. Apple has addressed the issue by implementing improved checks within the WebKit engine, effectively preventing attackers from exploiting the vulnerability.

The security updates are available for a wide range of devices and operating systems, including:

• iOS 17.3 and iPadOS 17.3: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
• iOS 16.7.5 and iPadOS 16.7.5: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation